The remote webmail application suffers from a data modification
vulnerability.

Description :

The installed version of SquirrelMail allows for restoring expired
sessions in an unsafe manner. Using a specially-crafted expired
session, a user can leverage this issue to take control of arbitrary
variables used by the affected application, which can lead to other
attacks against the system, such as reading or writing of arbitrary
files on the system.